FortiWeb - Multiple stack-based buffer overflow vulnerabilities in CLI command
Fortinet PSIRT Advisories
Fortinet PSIRT Contact:
Website: https://fortiguard.fortinet.com/faq/psirt-contact
FG-IR-20-206
Final
1
1
2021-09-07T00:00:00
Current version
2021-09-07T00:00:00
2021-09-07T00:00:00
Multiple stack-based buffer overflow vulnerabilities in FortiWeb CLI interface may allow an authenticated attacker to execute unauthorized code or commands via config backup arguments.
Execute unauthorized code or commands
FortiWeb version 6.3.14 or below FortiWeb version 6.2.4 or below
Upgrade to FortiWeb 6.4.0 or above Upgrade to FortiWeb 6.3.15 or above Upgrade to FortiWeb 6.2.5 or above
Internally discovered and reported by Fortinet PSIRT.
FortiWeb 6.3.14
FortiWeb 6.3.13
FortiWeb 6.3.12
FortiWeb 6.3.11
FortiWeb 6.3.10
FortiWeb 6.3.9
FortiWeb 6.3.8
FortiWeb 6.3.7
FortiWeb 6.3.6
FortiWeb 6.3.5
FortiWeb 6.3.4
FortiWeb 6.3.3
FortiWeb 6.3.2
FortiWeb 6.3.1
FortiWeb 6.3.0
FortiWeb 6.2.4
FortiWeb 6.2.3
FortiWeb 6.2.2
FortiWeb 6.2.1
FortiWeb 6.2.0
FortiWeb - Multiple stack-based buffer overflow vulnerabilities in CLI command
CVE-2021-36179
FortiWeb-6.3.14
FortiWeb-6.3.13
FortiWeb-6.3.12
FortiWeb-6.3.11
FortiWeb-6.3.10
FortiWeb-6.3.9
FortiWeb-6.3.8
FortiWeb-6.3.7
FortiWeb-6.3.6
FortiWeb-6.3.5
FortiWeb-6.3.4
FortiWeb-6.3.3
FortiWeb-6.3.2
FortiWeb-6.3.1
FortiWeb-6.3.0
FortiWeb-6.2.4
FortiWeb-6.2.3
FortiWeb-6.2.2
FortiWeb-6.2.1
FortiWeb-6.2.0
7.8
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:X
https://fortiguard.fortinet.com/psirt/FG-IR-20-206
FortiWeb - Multiple stack-based buffer overflow vulnerabilities in CLI command
Reference>